Cisco has announced an AI-powered enhancement to its Splunk Observability offering, aiming to deliver real-time business insights and improve digital infrastructure reliability for organisations.
The updated Splunk Observability portfolio employs agentic AI to unify visibility across diverse IT environments, generate actionable business contexts, and use AI-powered agents at every incident response phase - monitoring both quality and performance. Integrations with Cisco technologies and Splunk platforms are designed to enable customers to correlate data from across networks, infrastructures, and applications, thereby supporting the resilience of their digital operations.
AI visibility and control
Patrick Lin, Senior Vice President and General Manager of Splunk Observability, outlined the company's approach, stating, "Our mission is clear – to help organisations put AI applications and agents to work, while retaining visibility and control. With the latest innovations in Splunk Observability, we are empowering enterprises to proactively monitor their critical applications and digital services with ease, resolve issues before they escalate, and ensure the value and outcomes they derive from observability are commensurate with the cost."
The incorporation of agentic AI aligns with changing software development paradigms, as AI-assisted coding and autonomous agents become increasingly prevalent. These systems require tailored telemetry to verify model performance, ensuring alignment with business objectives and cost considerations. The company says unified, contextual visibility helps organisations prioritise IT issues based on their business impact.
Agentic AI-driven incident response
The Splunk Observability portfolio incorporates new agentic AI capabilities to facilitate automated telemetry collection, incident alerting and correlation, root-cause analysis, and suggested resolutions. The release covers several new features intended to automate and streamline operational responses:
- AI Troubleshooting Agents: These are available within Splunk Observability Cloud and Splunk AppDynamics, automatically analysing incidents and identifying potential root causes to expedite issue response.
- Event iQ in Splunk IT Service Intelligence (ITSI): This feature automates alert correlation, helping teams reduce alert fatigue and contextualise grouped notifications for faster incident triage.
- ITSI Episode Summarisation: Working alongside Event iQ, this can automatically generate incident summaries, detailing trends, impacts, and root causes for quicker troubleshooting.
Observability tools for AI-driven environments
Splunk is also addressing the needs of organisations deploying AI applications and large language models (LLMs). The updated portfolio offers analytics to monitor agent health, security, and operational costs. Dedicated features include:
- AI Agent Monitoring: Monitors LLM and AI agent quality, security, and cost performance relative to business requirements.
- AI Infrastructure Monitoring: Provides health and usage monitoring for AI-driven infrastructures, flagging performance bottlenecks and resource spikes to help manage expenditure.
Unified approach across platforms
Cisco is combining functionality from Splunk AppDynamics and Splunk Observability Cloud to offer a unified observability experience spanning three-tier and microservices architectures. Integration with Cisco ThousandEyes expands the capabilities to network visibility, helping IT, network and engineering teams identify how network issues affect application and end-user performance. Specific innovations include:
- Business Insights: Teams can view correlations between application performance and business process health, such as checkout systems or supply chain flows, with minimal setup.
- Digital Experience Analytics: Product and design teams gain enhanced visibility into customer journeys and behaviours, improving analysis of the user experience.
- Application Performance Management (APM) for hybrid apps and business transactions: These developments strengthen support for both cloud-native and hybrid environments, leveraging existing expertise from Splunk AppDynamics.
- Session Replay for Real User Monitoring (RUM): Available for both Splunk AppDynamics and Splunk Observability Cloud, this enables teams to review browser and mobile user sessions, supporting optimisation of the online experience.
- Splunk AppDynamics Agent: Built on OpenTelemetry, this new agent allows data collection in both Splunk AppDynamics and Observability Cloud environments, offering flexibility for customers using either solution.
- Splunk Observability Cloud RUM Integration with Cisco ThousandEyes: This feature allows for correlation of real user experience data with network performance across both owned and third-party domains, helping to localise and resolve issues linked to network bottlenecks.
Expert perspective
"Through the new agentic AI innovations within Splunk Observability, Cisco offers organisations more proactive visibility and actionable insights into both their digital operations and AI system health and performance," said Torsten Volk, Principal Analyst, Application Modernisation, Enterprise Strategy Group. "These kinds of capabilities are critical as enterprises look to scale AI in a controlled and reliable manner."
Splunk states that several features - including AI Agent Monitoring, AI Troubleshooting Agents, ITSI Episode Summarisation, Business Insights, Digital Experience Analytics, and RUM Integration with Cisco ThousandEyes - are available or will be available soon in an alpha (private preview) phase. Other listed functionalities are generally available in all supported regions.
The company notes that some features remain under development and timelines for release may be subject to revision in line with ongoing technological evolution and customer needs.
